Tech

U.N. Offices Targeted In 'Sophisticated' Cyberattack

The U.N. reportedly kept quiet for months about a major cybersecurity attack on its human rights offices in Geneva and Vienna.

U.N. Offices Targeted In 'Sophisticated' Cyberattack
AP / Ronald Zak
SMS

The United Nations was the target of a hacking operation that included complex cyberattacks on its human rights offices in Geneva and Vienna. That's according to a confidential U.N. document leaked to The New Humanitarian news agency.

The attacks reportedly began in July 2019, with hackers compromising dozens of U.N. servers. IT officials issued reports flagging the vulnerabilities, but U.N. spokesperson Stéphane Dujarric said the agency had kept the breach quiet because the "nature and scope of the incident could not be determined."

On Wednesday, Dujarric said the agency took "comprehensive" action to address the attacks, which he described as a "serious" hack of "core infrastructure components" at both offices. When asked about an alleged cover-up and the possibility that "sensitive humanitarian and human rights data" had been stolen, Dujarric told reporters that attempted strikes against "UN IT infrastructure happen often."

Dujarric said: "Attempts are made regularly. The server that you are referring to was part of a development environment and contained non-sensitive test data from two development servers used for web application. People who needed to be notified were notified."

Dujarric said the U.N. had not yet been able to pinpoint "any specific potential attacker" but the hack appeared to be "a well sourced attack."

Jake Williams is the founder of Rendition Infosec, a cybersecurity firm. He said the attacks appeared to have been an "espionage operation" based on "the relatively small number of machines that were compromised."

Williams said: "That, combined with the three different active directory domains that were compromised, is highly suggestive of an espionage operation, where the attackers are looking for some very specific data on very specific machines, rather than trying to do a 'carpet bombing' of the entire domain."

According to a senior U.N. IT official who spoke to The New Humanitarian, an estimated 400 gigabytes of data could have been downloaded. The official said, "Once you've got privileged access, you've got into everything."